<?php

include_once('global.php');
include_once('session.php');
include_once('dom.php');
include_once('cover.php');
include_once('messages.php');
include_once('options.php');


//--------------------------------------------------------------------------------
// Display the administration page
//--------------------------------------------------------------------------------
function showAdminPage() {
  global $dom;
  debug("Showing administration page");
  if( !isCurrentUserValidated() ) {
    addFault("You account have been rejected");
    return;
  }
  if( !isCurrentUserAdmin() ) {
    addFault("Access denied: only administrators are allowed here");
    return;
  }

  $xroot = $dom->documentElement;
  $xadmin = $dom->createElement("admin");
  $xroot->appendChild($xadmin);
}

//--------------------------------------------------------------------------------
// Display the preferences page
//--------------------------------------------------------------------------------
function showAdminPreferencesPage() {
  global $dom;
  debug("Showing preferences page");
  if( !isCurrentUserValidated() ) {
    addFault("You account have been rejected");
    return;
  }
  if( !isCurrentUserAdmin() ) {
    addFault("Access denied: only administrators are allowed here");
    return;
  }

  $xroot = $dom->documentElement;
  $xadmin = $dom->createElement("admin-preferences");
  $xroot->appendChild($xadmin);

  $xoption = $dom->createElement("option");
  $xoption->setAttribute("name", "voteopen");
  $xoption->setAttribute("value", (int)isVoteOpen());
  $xadmin->appendChild($xoption);
}

//--------------------------------------------------------------------------------
// Display the user list page
//--------------------------------------------------------------------------------
function showAdminUserListPage() {
  global $dom;
  debug("Showing user list page");
  if( !isCurrentUserValidated() ) {
    addFault("You account have been rejected");
    return;
  }
  if( !isCurrentUserAdmin() ) {
    addFault("Access denied: only administrators are allowed here");
    return;
  }

  $xroot = $dom->documentElement;
  $xadmin = $dom->createElement("admin-userlist");
  $xroot->appendChild($xadmin);

  $query = "SELECT pseudo, realname, email, contestant, cover, administrator, validated ";
  $query .= " FROM users";
  debugSQL($query);
  $rs = mysql_query( $query );
  if( $rs > 0 ) {
    while( list($pseudo, $realname, $email, $contestant, $cover, $administrator, $validated) = mysql_fetch_row ($rs) ) {
      $contestant = (int)$contestant;
      $administrator = (int)$administrator;
      $validated = (int)$validated;
      if( $cover==null || $cover=="" ) $cover = getFirstCover($pseudo);
      $xprofile = $dom->createElement("profile");
      $xprofile->setAttribute("pseudo", $pseudo);
      $xprofile->setAttribute("realname", $realname);
      $xprofile->setAttribute("email", $email);
      $xprofile->setAttribute("contestant", $contestant);
      $xprofile->setAttribute("cover", $cover);
      $xprofile->setAttribute("administrator", $administrator);
      $xprofile->setAttribute("validated", $validated);
      $xadmin->appendChild($xprofile);
    }
  }
}

//--------------------------------------------------------------------------------
// Display the administration page for validating pending registrations
//--------------------------------------------------------------------------------
function showAdminRegisterPage() {
  global $dom;
  debug("Showing administration-register page");
  if( !isCurrentUserValidated() ) {
    addFault("You account have been rejected");
    return;
  }
  if( !isCurrentUserAdmin() ) {
    addFault("Access denied: only administrators are allowed here");
    return;
  }

  $xroot = $dom->documentElement;
  $xadmin = $dom->createElement("admin-register");
  $xroot->appendChild($xadmin);

  $query = "SELECT pseudo, realname, email, contestant FROM users WHERE validated=0";
  debugSQL($query);
  $rs = mysql_query( $query );
  if( $rs > 0 ) {
    while( list($pseudo, $realname, $email, $contestant) = mysql_fetch_row ($rs) ) {
      $contestant = (int)$contestant;
      $xprofile = $dom->createElement("profile");
      $xprofile->setAttribute("pseudo", $pseudo);
      $xprofile->setAttribute("realname", $realname);
      $xprofile->setAttribute("email", $email);
      $xprofile->setAttribute("contestant", $contestant);
      $xadmin->appendChild($xprofile);
    }
  }
}

//--------------------------------------------------------------------------------
// Function called to validate registrations
//--------------------------------------------------------------------------------
function validateRegistrations() {
  debug("Validating registrations");
  if( !isCurrentUserValidated() ) {
    addFault("You account have been rejected");
    return;
  }
  if( !isCurrentUserAdmin() ) {
    addFault("Access denied: only administrators are allowed here");
    return;
  }

  $query = "SELECT pseudo FROM users WHERE validated=0";
  debugSQL($query);
  $rs = mysql_query( $query );
  if( $rs > 0 ) {
    while( list($pseudo) = mysql_fetch_row ($rs) ) {
      debug("Checking validation for $pseudo");
      $accept = (int)getParam("accept_$pseudo");
      $reject = (int)getParam("reject_$pseudo");
      $comment = getParam("comment_$pseudo");
      debug("accept=$accept reject=$reject comment=$comment");
      if( $reject == 1 ) reject_user($pseudo, $comment);
      else if( $accept == 1 ) accept_user($pseudo, $comment);
    }
  }

  pageSwitchBack("admin-register");
}

//--------------------------------------------------------------------------------
// Function called to update users
//--------------------------------------------------------------------------------
function updateUsers() {
  debug("Updating users");
  if( !isCurrentUserValidated() ) {
    addFault("You account have been rejected");
    return;
  }
  if( !isCurrentUserAdmin() ) {
    addFault("Access denied: only administrators are allowed here");
    return;
  }

  $query = "SELECT pseudo, administrator FROM users";
  debugSQL($query);
  $rs = mysql_query( $query );
  if( $rs > 0 ) {
    while( list($pseudo, $administrator) = mysql_fetch_row ($rs) ) {
      debug("Checking update for $pseudo");
      $makeadmin = (int)getParam("makeadmin_$pseudo");
      $delete = (int)getParam("delete_$pseudo");
      debug("makeadmin=$makeadmin delete=$delete");
      if( $delete == 1 ) delete_user($pseudo);
      else if( $makeadmin != $administrator ) makeadmin_user($pseudo, $makeadmin);
    }
  }

  pageSwitchBack("admin-userlist");
}

//--------------------------------------------------------------------------------
// Function called to update preferences
//--------------------------------------------------------------------------------
function updatePreferences() {
  debug("updating Preferences");
  setVoteOpen(getParam("pref_voteOpen"));

  // Reload option, just to be sure
  loadOptions();
  pageSwitchBack("admin-preferences");
}


//--------------------------------------------------------------------------------
// Accept a user
//--------------------------------------------------------------------------------
function accept_user($pseudo, $comment) {
  if( $comment==null || $comment=="" ) $comment="Welcome, jumper !";
  debug("Accepting registration of user $pseudo ($comment)");
  $query = "UPDATE users SET validated=1 WHERE pseudo='$pseudo'";
  debugSQL( $query );
  mysql_query( $query );
  addMessage($pseudo, $comment, 0);
  $name = "New jumper: $pseudo";
  $query = "INSERT INTO events (event_ts, name, description) VALUES (current_timestamp(), '$name', ''";
  debugSQL( $query );
  mysql_query( $query );
}

//--------------------------------------------------------------------------------
// Reject a user
//--------------------------------------------------------------------------------
function reject_user($pseudo, $comment) {
  if( $comment==null || $comment=="" ) $comment="Sorry, your candidature has been rejected";
  debug("Rejecting registration of user $pseudo ($comment)");
  $query = "UPDATE users SET validated=-1 WHERE pseudo='$pseudo'";
  debugSQL( $query );
  mysql_query( $query );
  addMessage($pseudo, $comment, 2);
}

//--------------------------------------------------------------------------------
// Make a user an administrator
//--------------------------------------------------------------------------------
function makeadmin_user($pseudo, $admin) {
  debug("Making user $pseudo an administrator ($admin)");
  $query = "UPDATE users SET administrator=$admin WHERE pseudo='$pseudo'";
  debugSQL( $query );
  mysql_query( $query );
}

//--------------------------------------------------------------------------------
// Delete a user
//--------------------------------------------------------------------------------
function delete_user($pseudo) {
  debug("Deleting user $pseudo");
  $query = "DELETE FROM favorites WHERE user='$pseudo'";
  debugSQL( $query );
  mysql_query( $query );
  $query = "DELETE FROM votes WHERE user='$pseudo'";
  debugSQL( $query );
  mysql_query( $query );
  $query = "DELETE FROM images WHERE user='$pseudo'";
  debugSQL( $query );
  mysql_query( $query );
  $query = "DELETE FROM messages WHERE user='$pseudo'";
  debugSQL( $query );
  mysql_query( $query );
  $query = "DELETE FROM sessions WHERE user='$pseudo'";
  debugSQL( $query );
  mysql_query( $query );
  $query = "DELETE FROM users WHERE pseudo='$pseudo'";
  debugSQL( $query );
  mysql_query( $query );
}

?>
